The “Websites” means Front’s websites (including without limitation www.frontapp.com,
app.frontapp.com and any successor URLS, mobile or localized versions and related domains and subdomains), and
the “Services” means FrontApp’s products, applications and services, in each case in whatever format they may be
offered now or in the future.

2 - Purpose of This privacy policy

The purpose of this “Privacy Policy” is to inform you of the type of personal data we collect when
you use our Services, why we collect the data, how it is used and your rights and choices. If you do not agree
with this Privacy Policy, do not access or use our Services.

3 - Personal Data We Collect

When you use our Services we collect personal data about you, described below. The term “Personal Data” means any
data that enables a person to be identified. Personal Data that you provide to us. We collect Personal Data that
you provide to us when you purchase our Services and register for a FrontApp account, such as your family name,
first name, profile photo, postal address, email address, telephone numbers, date of birth, data relating to your
transactions on the Websites, detail of your orders and subscriptions, payment information, such as payment card
details (collected by our payment service provider), Single Sign On(SSO) SAML 2.0 credentials as well as any other
information about you that you choose to provide us with.

We also collect the information that you may choose to submit to our customer support team, for example regarding
a problem you are experiencing with our Services. This may include your contact information, a summary of the problem
you are experiencing, and any other documentation or information that would be helpful in resolving the issue.

Automatically collect data. When you interact with FrontApp through the Services, we automatically collect information
about you through cookies (small text files placed on your device), mobile device identifier and other technologies.
Please read the “Cookies” section below to learn more about how we use cookies and other technologies. When you
visit our Websites, our servers record information (“log data”), including information that your browser automatically
sends whenever you visit the Website. This log data includes your Internet Protocol (“IP”) address (from which
we understand the country you are connecting from at the time you visit the Site), browser type and settings, the
date and time of your request.

4. How We Use Personal Data

We collect Personal Data for the following purposes:

To provide the Services and manage your access and use of the Services, including to process transactions with
you, authenticate you when you log in, provide customer support, operate and maintain the Services, follow-up
of the customer relations. This processing is necessary to perform the contract with you or to take steps prior to entering into a contract at your request, or it is necessary for our legitimate interests in responding to your requests.

To communicate directly with you, including by sending you newsletters, promotions and special offers or information
about current products, current services, new products and services. This use of your data is in our legitimate
interest in communicating with our customers about our products and services you may be interested into. You
may at any time opt out of receiving such communications by (i) clicking the unsubscribe link included in all
the emails you receive or (ii) contacting us as indicated under “Contact” section below.
We will send you other information on our new products or services or other promotions only with your consent (and you have the right to withdraw your consent at any time).

To comply with our legal and regulatory obligations.

As necessary for certain legitimate business interests, which include the following:

To better understand how visitors interact with our Services and ensure that our Websites are presented in the
most effective manner for you, and as part of our efforts to keep our Websites, network and information systems
secure.

For providing, maintaining, protecting, developing, benchmarking and improving FrontApp’s offerings, in particular
resolving any bugs and fixes, enhancing or improving features of existing products and developing new products
and capabilities.

To conduct analytics to inform our marketing strategy and enable us to enhance and personalize our communications
and the experience we offer to our users.

To manage unpaid invoices and possible disputes about the use of our products and services.

To share Personal Data within our affiliates and subsidiaries for internal administrative purposes.

If you ask us to delete your data or to be removed from our marketing lists and we are required to fulfil your
request, we will keep basic data to identify you and prevent further unwanted processing.

We may anonymize, de-identify and/or aggregate the information that we collect and use such anonymized, de-identified
and/or aggregated data for commercial, statistical and market research purposes, including sharing it with
affiliates and business partners.

As used above, “legitimate interests” means our interests in conducting our business, managing and delivering
the best Services to you. We will not use your Personal Data for activities where the impact on you overrides
our interests, unless we have your consent or those activities are otherwise required or permitted by law.

With your consent, we use Personal Data about you where you have given us consent to do so for a specific purpose
not listed above. For example, with your permission we may publish testimonials or featured customer stories
on our Websites to promote the Services, including names and profile photo of representatives of our customers
alongside the testimonial.

We will inform you, when requesting your Personal Data, if certain data must be provided or if it is optional. We
will also inform you of the consequences should you not wish to provide this data. While providing our Services,
we may collect on behalf of our customers information related to our customers’ employees, customers and other
individuals. Our use of information on behalf of our customers is governed by our contract with the applicable
customer and the customer’s own privacy policies. We are not responsible for the privacy policies or privacy practices
of customers or other third parties.

5 - Privacy Shield

FrontApp, Inc. complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department
of Commerce regarding the collection, use, and retention of Personal Data transferred from the European Union and
Switzerland to the United States. FrontApp, Inc. has certified to the Department of Commerce that it adheres to
the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please
visit privacyshield.gov. FrontApp, Inc. is overseen by the US Federal Trade Commission (FTC). JAMS is the US-based
independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance
– free of charge to you. We ask that you first submit any such complaints directly to us at privacy@frontapp.com.
If you are not satisfied with our response, please contact JAMS at www.jamsadr.com/eu-us-privacy-shield. In the
event that your concern still is not addressed by JAMS, you may be entitled to a binding arbitration under Privacy
Shield and its principles. Within the scope of our authorization to do so, and in accordance with our commitments
under the Privacy Shield, FrontApp, Inc. will provide individuals access to Personal Data about them. FrontApp,
Inc. also will take reasonable steps to enable individuals to correct, amend, or delete Personal Data that is demonstrated
to be inaccurate.

FrontApp, Inc. is responsible for the processing of Personal Data it receives, under the Privacy Shield Framework,
and subsequently transfers to service providers. FrontApp, Inc. complies with the Privacy Shield Principles for
all onward transfers of Personal Data from the EU and Switzerland, including the onward transfer liability provisions.

6 - European Union (EU) Individuals

Scope. This section applies if you are an individual in the EU (for these purposes, reference to the EU
also includes the European Economic Area countries of Iceland, Liechtenstein and Norway and, to the extent applicable,
Switzerland).

Data Controller. FrontApp,Inc. is the data controller for processing of your Personal Data.
We act as a data processor (or service provider) in relation to the Services we provide to our Customers.
Our establishment in the EU is in France (FrontAPP SARL). To find out our registered officehow to contact us, please see the “Contact” section below.

Your Rights. Subject to EU data protection law, you have the following rights in relation to your Personal
Data:

Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if
so, provide you with a copy of that Personal Data along with certain other details. If you require additional
copies, we may need to charge a reasonable fee.

Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that
we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction
where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared
your Personal Data so you can contact them directly.

Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw
your consent. If we shared your data with others, we will alert them to the need for erasure where possible.
If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal
Data with so you can contact them directly.

Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal
Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing
it (please read below for information on your right to object). We will tell you before we lift any restriction
on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible.
If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal
Data so you can contact them directly.

Right to data portability: You have the right to obtain your Personal Data from us that you consented
to give us or that was provided to us as necessary in connection with our contract with you where we process that Personal Data in an automated way.
We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.

Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:

If we are relying on a legitimate interest to process your Personal Data -- unless we demonstrate compelling
legitimate grounds for the processing; or

If we are processing your Personal Data for direct marketing (you can always object using the unsubscribe link
in our marketing communications).

Right to withdraw consent: If you have consented to our use of your Personal Data for a specific purpose,
you have the right to change your mind at any time, but this will not affect any processing of your data that
has already taken place.

Right to make a complaint with the data protection authority: If you have a concern about our privacy
practices, including the way we handled your Personal Data, you can report it to the data protection authority
that is authorized to hear those concerns.

Please go to
“Contact” for information on how to exercise your rights.

7 - Disclosure of Personal Data

Personnel, Service Providers. Only our personnel, service providers and trusted third-party applications
have access to your Personal Data. These parties include hosting, back-up and other IT services providers, website analytics companies, providers
of digital advertising services, providers of CRM, marketing and sales software solutions, billing and processing
payments functions. We only provide such parties with the information that they need to perform the services we
have hired them to provide.

Legal Requirements.We may disclose your Personal Data if required to do so by law or in the good
faith belief that such action is necessary to (i) comply with a legal obligation or lawful requests by public authorities,
including to meet national security or law enforcement requirements, (ii) protect and defend the rights or property
of FrontApp, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public,
or (iv) protect against legal liability.

Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event
of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred
assets.

With Your Consent: We may share Personal Data about you with third parties when you give us consent to do so.
For example, with your permission we may publish and display testimonials or featured customer stories on our Websites,
including names and profile photo of representatives of our customers alongside the testimonial.

8 - Data Retention

8.1 - General Provisions

FrontApp may retain your Personal Data for a period of time consistent with the original purpose of collection.
For instance, we may retain your Personal Data during the time you have an account to use our Websites or
Services, or as agreed in our subscription agreements, and for a reasonable period of time thereafter. We also
may retain your Personal Data as necessary to comply with our legal obligations, to establish proof of a
right or a contract, resolve disputes, enforce our agreements, in accordance with the law.

8.2 - Provisions specific to credit card information

Your credit card information is stored no longer than the time necessary to allow the fulfillment of the transaction, except
in the case of a subscription, to facilitate the payment of regular customers. In that case, credit card information
is stored for the whole duration of your subscription and at least until the date at which you carry out your last
transaction. Such storage is implemented by our secured payment service provider Stripe.

By subscribing to our Services, you agree to this storage. Data relating to the visual cryptogram or CVV2 on the back of
your credit card is not stored. In the case of a payment by credit card, however, data relating to the credit card
may be stored as intermediary archives for evidence purpose in the case of possible disputes regarding the transaction,
for the duration provided by article L.133–24 of the French Monetary and Financial Code, i.e. 13 months from the
debit date. This duration may be extended to 15 months, to take into account the possible use of delayed debit
card.

9 - Data Security

We take all necessary precautions, as well as appropriate organizational and technical measures, to maintain the
security, integrity and confidentiality of your Personal Data, and in particular to prevent it from being altered
or damaged and to prevent any unauthorized third party from accessing it. We also use secured payment systems consistent
with the state of the art and the applicable laws and regulations.

10 - Cookies

Cookies are small text files that are placed on your computer or mobile device when you visit a website, mobile app
or use an online platform. Cookies are widely used by online service providers to facilitate and help to make the
interaction between users and websites, mobile apps and online platforms faster and easier, as well as to provide
reporting information. For more information about cookies and their impact on you and your browsing visit www.aboutcookies.org

Cookies set by the website and/or mobile app and/or platform owner (in this case, FrontApp) are called "first party
cookies". Cookies set by parties other than the website and/or mobile app and/or platform owner are called "third
party cookies". Third party cookies enable third party features or functionality to be provided on or through the
website and/or mobile app and/or platform (e.g. like advertising, interactive content and analytics). The parties
that set these third party cookies can recognize your computer or device both when it visits the website and/or
mobile app and/or platform in question and also when it visits certain other websites and/or mobile apps and/or
platforms. By choosing to use our the Websites after having been notified of our use of cookies in the ways described
in this Privacy Policy, and, in applicable jurisdictions, through notice and unambiguous acknowledgement of your consent, you agree to such use.

Why do we use cookies? We use first party and third party cookies for several reasons. Some cookies are
required for technical reasons in order for our Websites and/or App and/or platform to operate, and we refer to
these as "essential" or "strictly necessary" cookies. Other cookies also enable us to track and target the interests
of our users to enhance the experience on our Websites and/or App and/or platform. Third parties serve cookies
through our Websites and/or App and/or platform for analytics and other purposes. This is described in more detail
below.

Our Websites cookies

Purpose

Vendor

How to refuse

Essential website cookies: These cookies are strictly necessary to provide you with services available through
our Websites and to use some of its features.

FrontApp, Inc.

Because these cookies are strictly necessary to deliver the Websites and the Services to you, you cannot refuse
them.

Analytics and customization cookies: These cookies collect information that is used either in aggregate form
to help us understand how our Websites are being used or how effective are marketing campaigns are, or to help
us customize our Websites for you.

Google Analytics

Intellimize

FullStory

Hull.io

Segment

Intercom

Vimeo

To refuse these cookies, please follow the instructions below under the heading "Managing Cookies” Alternatively,
please click on the relevant opt-out link below:

Hull.io does not appear to provide an opt-out link for its cookies. For more information about such cookies, please see
this page.

Segment does not appear to provide an opt-out link for its cookies. For more information about such cookies, please see
this page.

Intercom does not appear to provide an opt-out link for its cookies. For more information about such cookies, please see
this page.

Vimeo does not appear to provide an opt-out link for its cookies. For more information about such cookies, please see
this page.

Advertising cookies: These cookies are used to make advertising messages more relevant to you. They perform functions
like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers,
and in some cases selecting advertisements that are based on your interests.

Bing Ads

DoubleClick

Facebook Pixel

Google AdWords

Capterra

To refuse these cookies, please follow the instructions below under the heading "Managing cookies" Alternatively, please
click on the relevant opt-out link below:

Capterra does not appear to provide an opt-out link for its cookies. For more information about such
cookies, please see
this page.

Managing cookies: Most internet browsers allow you to erase cookies from your computer hard drive, block
all cookies (or just third-party cookies) or warn you before a cookie is stored on your device. Please note, if
you choose to block all cookies, our site will not function as intended and you will not be able to use or access
many of the services we provide. If you have blocked all cookies and wish to make full use of the features and
services we offer, you will need to enable your cookies. You can do this in your browser. Rather than blocking
all cookies, you can choose to only block third-party cookies which will still allow our website to function as
intended.

How We Respond to Do Not Track (DNT) Signals. Some internet browsers have incorporated “Do Not Track” features which, when
enabled, causes your browser to send a do not track HTTP header file or “signal” to each site you visit. At present,
the Services do not respond to this type of signal.

11 - Modifications

We reserve the right, at our sole discretion, to modify this Privacy Policy or any portion thereof. Any changes will
be effective from the time of publication of the new privacy policy. If we believe that the changes are material,
we will let you know by doing one (or more) of the following: (i) posting the changes on or through the Services,
(ii) sending you an email or message about the changes. Your continued use of the Services after the changes have
been implemented shall indicate your agreement with the terms of such revised privacy policy. Otherwise, and if
the new privacy policy does not suit you, you must no longer use the Services.

12 - Contact

Have questions or concerns about Front and privacy? Contact us by email at
privacy@frontapp.com or by post at: